U.S. patent number 8,321,953 [Application Number 11/486,799] was granted by the patent office on 2012-11-27 for secure storage device with offline code entry.
This patent grant is currently assigned to Imation Corp. The invention is credited to David Alexander Jevans.
United States Patent 8,321,953
Jevans
November 27, 2012
(A Certificate of Correction has been issued for this patent; see the patent images.)
Secure storage device with offline code entry
Abstract
A system to authorize access to secured data storage can
comprise a user interface configured to receive a user code offline
from a user to allow access to stored data, circuitry configured to
authorize access to the stored data based, at least in part, on the
user code and provide access to the stored data, and a storage
system configured to store the stored data.
Inventors: Jevans; David Alexander (Los Altos, CA)
Assignee: Imation Corp. (Oakdale, MN)
Family ID: 37662945
Appl. No.: 11/486,799
Filed: July 14, 2006
Prior Publication Data
Document Identifier: US 20070016743 A1; Publication Date: Jan 18, 2007
Related U.S. Patent Documents
Application Number: 60698899 (provisional); Filing Date: Jul 14, 2005
Current U.S. Class: 726/27; 707/825
Current CPC Class: G06F 21/32 (20130101); G06F 21/79 (20130101); G06F 21/31 (20130101)
Current International Class: G06F 21/00 (20060101)
Field of Search: 726/27; 707/825
References Cited
U.S. Patent Documents
Foreign Patent Documents
WO 02/47081 (also listed as WO0247081), Jun 2002, WO
Other References (all cited by other)
Denning, Dorothy E. et al. "A Taxonomy for Key Escrow Encryption Systems," Communications of the ACM, vol. 39, no. 3, pp. 34-40 (Mar. 1996).
Tal, Arie. "Two Technologies Compared: NOR v. NAND," White Paper, 01-SR-012-04-8L, Rev. 1.1, Jul. 2003, pp. 1-14.
National Institute of Standards and Technology. "Federal Information Processing Standards Publication 197," Nov. 2001.
Kingston. "Kingston Data Traveler Elite: Advanced Security and High Performance," Oct. 2004. http://www.kingstom.com/digitalmedia/dt_elite.wp.pdf
Army Regulation 380-19. "Information Systems Security," Feb. 27, 1998. Department of the Army. Appendix F, pp. 28-30.
Sedaghat et al. "A Dynamic Web Agent for Verifying the Security and Integrity of a Web Site's Contents," IEEE, Aug. 2002.
Gutmann, Peter. "Secure Deletion of Data from Magnetic and Solid-State Memory," Sixth USENIX Security Symposium Proceedings, San Jose, California, Jul. 1996. http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
Fischer, Viktor et al. "True Random Number Generator Embedded in Reconfigurable Hardware," Springer-Verlag, Lecture Notes in Computer Science, vol. 2523, pp. 415-430, 2003.
Primary Examiner: Popham; Jeffrey D
Attorney, Agent or Firm: Levitt; Kenneth E.; Dorsey & Whitney LLP
Parent Case Text
CROSS-REFERENCE TO RELATED APPLICATIONS
This claims benefit to U.S. provisional patent Ser. No. 60/698,899,
filed Jul. 14, 2005, entitled "Secure Storage Device with Offline
Password Entry" which is incorporated by reference herein.
Claims
What is claimed is:
1. A portable data storage device comprising: a memory system
comprising a database for storing data; an encryptor for encrypting
and decrypting the data stored within the database; a module for
authorizing access to the data stored within the database, the
module comprising: a file system for maintaining a scrambled
database file system comprising a map of the data stored within the
database, the file system separated from the database on the
portable data storage device; and an authorization module for
authenticating a user code to authorize access to the data stored
within the database, wherein the authorization module unscrambles
the database file system and generates an authorization signal when
the access is authorized; a user interface for receiving the user
code offline, before operationally coupling the portable data
storage device to a digital device; and a controller for
communicating with the digital device, wherein the controller
provides access to the data stored within the database based on the
authorization signal from the authorization module.
2. The storage device of claim 1, further comprising separate chips
within the storage device for retaining the database and the module
for authorizing access to the data.
3. The storage device of claim 2, wherein the digital device is not
able to identify the data stored within the database without the
database file system.
4. The storage device of claim 1, wherein a data partition
containing the database is mounted when the access is authorized,
in response to operationally coupling the storage device to the
digital device.
5. The storage device of claim 1, wherein the encryptor is
configured to decrypt a security code using the user code.
6. The storage device of claim 5, wherein the authorization module
is configured to compare the security code to one or more
authentication passwords stored within the file system.
7. The storage device of claim 6, wherein the file system
associates each authentication password with a different partition
for mounting when the storage device is operationally coupled to
the digital device.
8. The storage device of claim 1, wherein the file system maintains
a list of user codes associated with different partitions for
mounting when the storage device is operationally coupled to the
digital device.
9. The storage device of claim 1, wherein the controller is
configured to identify the storage device as a compact disc in
response to an identification query from the digital device.
10. The storage device of claim 9, wherein the controller provides
an automatic authorization check program to determine whether
access to the data stored within the database is authorized.
11. The storage device of claim 10, wherein the controller is
configured to refuse access to the database when the access is not
authorized, as determined by the automatic authorization check
program.
12. The storage device of claim 1, further comprising an
authorization indicator on the storage device, wherein the device
controller is configured to send a signal to the authorization
indicator to indicate that access is authorized or denied, and to
generate a signal for the authorization indicator to indicate that
the storage device is locked.
13. The storage device of claim 1, wherein the user interface
comprises means for entering a character.
14. The storage device of claim 1, wherein the user interface
comprises means for receiving a voice, fingerprint, or retina
scan.
15. The storage device of claim 1, wherein the authorization module
is configured to lock the storage device based on a predetermined
number of attempts to authorize access, such that the storage
device refuses to accept any user code until reset.
16. The storage device of claim 15, wherein the device controller
is configured to receive a reset key and the authorization module
is configured to determine whether the reset key is authentic prior
to resetting the storage device.
17. The storage device of claim 16, wherein the reset key is
requestable by authenticating a user identity on a website.
18. The storage device of claim 16, wherein the reset key is
receivable on purchase of the storage device.
19. The storage device of claim 1, wherein the access is authorized
only for a predetermined amount of time before reauthorization is
required, unless the storage device is operationally coupled to the
digital device.
20. The storage device of claim 19, wherein re-authorization is
required after a predetermined period of inactivity when the
storage device is operationally coupled to the digital device, such
that the access is denied until the re-authorization.
21. The storage device of claim 1, further comprising a connector
for operationally coupling the storage device to the digital
device.
22. The storage device of claim 21, wherein the connector comprises
a USB connector.
23. The storage device of claim 1, further comprising wireless
means for operationally coupling the storage device to the digital
device.
24. A method comprising: receiving a user code from a user
interface on a portable data storage device, wherein the user code
is received offline, before operationally coupling the portable
data storage device to receive commands from a processor;
authenticating the user code to authorize access to data stored
within a database on the portable data storage device; upon
authorization, descrambling a database file system maintained by a
file system separated from the database on the portable data
storage device, wherein the database file system comprises a map to
identify the data stored within the database; in response to the
operational coupling, mounting a partition containing the database;
decrypting the data stored within the database; and providing
access to the data stored within the database to the processor.
25. The method of claim 24, further comprising encrypting data
transmitted from the processor and storing the encrypted data
within the database.
26. The method of claim 24, wherein the file system and the
database are provided on separate chips within the portable data
storage device.
27. The method of claim 24, wherein the processor is not able to
identify the data stored within the database without the database
file system.
28. The method of claim 24, further comprising maintaining a list
of different partitions within the file system, wherein mounting
the partition containing the database comprises mounting one of the
different partitions based on the user code.
29. The method of claim 24, further comprising: in response to an
identification query from the processor, identifying the storage
device as a compact disc; providing an automatic authorization
check program to the processor, wherein the automatic authorization
check program determines whether access to the data stored within
the database is authorized; and refusing access to the database
when the access is not authorized, as determined by the automatic
authorization check program.
30. The method of claim 24, further comprising locking the storage
device based on a predetermined number of attempts to authorize
access, such that the storage device refuses to authorize the
access until reset.
31. A portable memory device comprising: a USB connector for
operationally coupling the device to a host system; a memory system
comprising a database for storing data; an encryptor connected to
the memory system for encrypting and decrypting the data; a user
interface connected to the encryptor for receiving a user code to
access the data, wherein the user code is received offline, before
operationally coupling to the host system; a controller connected
to the encryptor for providing the host system access to the data
by mounting a partition containing the database in response to the
operational coupling, when the access is authorized; and a module
connected to the controller and separated from the database on the
device, the module separated from the database comprising: an
authorization module for authorizing the access by authenticating
the user code; and a file system maintaining a scrambled database
file system configured to identify the data stored within the
database, wherein the authorization module descrambles the database
file system when the access is authorized.
32. The device of claim 31, wherein the database and the module
separated from the database are retained on separate chips on the
portable memory device.
33. The device of claim 31, wherein the file system maintains a
list of user codes associated with different partitions and the
controller mounts the partition containing the database based on
the list and the user code.
34. The device of claim 31, wherein the authorization module is
configured to lock the storage device based on a predetermined
number of attempts to authorize access, such that the device
refuses to authorize the access until reset.
35. The device of claim 31, wherein the controller is configured to
refuse access to the database when the access is not authorized, as
determined by an automatic authorization check program provided to
the host system.
Description
BACKGROUND
1. Field of the Invention
The present invention relates generally to data storage, and more
particularly to secure data storage devices.
2. Background Art
As data processing becomes ubiquitous, users are increasingly
demanding that data be both mobile and secure. Although networks,
such as the Internet, can transmit data from one computer to
another, users often must identify and transmit the data they need
to the proper destination. Unfortunately, the data may fail to be
transmitted due to firewalls, proxies, spam blockers, size
limitations, technical error, or human error. Further, it is not
always practical for users to guess what data is needed at a future
time and the location of the need. The data is also often routed
through unsecure servers or network devices which can intercept the
data and further compromise security.
As a result of these problems, users often load data on USB memory
devices (e.g., a memory stick) and carry data with them.
Unfortunately, USB memory devices can be stolen and accessed by
thieves. Some USB memory devices have passwords which must be
entered on the host computer before accessing the stored data.
However, the password can be cracked (e.g., a brute force attack)
and the data accessed.
Some USB memory devices lock the stored data after a predetermined
number of password attempts have been made to prevent data theft.
Unfortunately, the lock is often easy to reset. Further, the
attacker can make a copy of the data stored in the USB memory
device, enter the predetermined number of password attempts, delete
the data, recopy the data, and enter new password attempts. This
process can be repeated until successful thereby inevitably
accessing the data.
SUMMARY OF THE INVENTION
An exemplary system to authorize access to secured data storage
comprises a user interface configured to receive a user code
offline from a user to allow access to stored data, circuitry
configured to authorize access to the stored data based, at least
in part, on the user code and provide access to the stored data,
and a storage system configured to store the stored data. The
system may further comprise a communications interface configured
to send a signal to a digital device that the stored data is
authorized for access. Also, the circuitry can be further
configured to alert the user that access to the stored data is
allowed based on the authorization. The system may further comprise
a power system to supply power to the circuitry.
In authorizing access to the stored data, the circuitry may be
configured to decrypt a security code based on the user code. The
circuitry may also be configured to decrypt at least some of the
stored data. Further, the circuitry may be configured to send a
signal to the digital device to recognize and mount a data
partition where the stored data is retained.
The user interface may comprise a numerical keyboard, radial dial,
or biometric sensor. The storage system may comprise flash memory
or a hard disk drive.
An exemplary method to authorize access to secured data storage
comprises receiving a user code offline from a user to allow access
to stored data, authorizing access to the stored data based, at
least in part, on the user code, and providing access to the stored
data.
An exemplary software product to authorize access to secured data
storage comprises software operational when executed by a processor
to receive a user code offline from a user to allow access to
stored data, authorize access to the stored data based, at least in
part, on the user code, and provide access to the stored data and a
storage medium configured to store the software product.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 depicts a secure storage device, in accordance with one
embodiment of the present invention.
FIG. 2 depicts a block diagram of a secure storage device, in
accordance with one embodiment of the present invention.
FIG. 3 is a flow chart for the entry of a user code to access
stored data, in accordance with one embodiment of the present
invention.
FIG. 4 is another flow chart for the entry of a user code to access
stored data, in accordance with one embodiment of the present
invention.
FIG. 5 is a flow chart for locking and resetting the secure storage
device, in accordance with one embodiment of the present
invention.
FIG. 6 depicts a secure storage device, in accordance with one
embodiment of the present invention.
DETAILED DESCRIPTION
The embodiments discussed herein are illustrative of one example of
the present invention. As these embodiments of the present
invention are described with reference to illustrations, various
modifications or adaptations of the methods and/or specific
structures described may become apparent to those skilled in the
art. All such modifications, adaptations, or variations that rely
upon the teachings of the present invention, and through which
these teachings have advanced the art, are considered to be within
the scope of the present invention. Hence, these descriptions and
drawings should not be considered in a limiting sense, as it is
understood that the present invention is in no way limited to only
the embodiments illustrated.
A secure storage device, such as portable memory device, can
require the user to input a user code offline to unlock the stored
data within the secure storage device. A user code is manually
input into the secure storage device and comprises a password, code,
or a user identifier. The user code can be a unique set of characters
that may contain a variety of characters (alphanumeric, numeric,
symbols, or special characters). In other embodiments, the user
code can comprise a user identifier such as a fingerprint, voice
identifier, or retina scan. Entering the user code offline
comprises the user entering the user code into the secure storage
device before the secure storage device is operationally coupled
with a digital device. To be operationally coupled, the secure
storage device is coupled with a digital device and is enabled to
receive commands and/or data from the digital device. A digital
device is any device with a processor capable of sending or
receiving data (e.g., a computer, laptop, personal digital
assistant, and cell phone).
In one example, the user enters the user code into the secure
storage device to authorize access to the stored data. The user can
subsequently plug the secure storage device into the digital
device. The digital device can then proceed to mount an unlocked
data partition and access the stored data. If the user does not
enter the user code or enters an incorrect user code and proceeds
to plug the secure storage device into the digital device, the
digital device may not be able to access the stored data.
By entering the user code directly into the secure storage device
rather than through a digital device, neither the stored data nor
the device driver may be accessed. In some embodiments, the digital
device does not recognize the secure storage device and the media
within the secure storage device cannot be mounted until the
correct user code is entered. Consequently, the stored data cannot
be copied from the secure storage device without a user code. As a
result, the stored data cannot be copied from the secure storage
device onto another media to attack the user code or apply new
software attacks to retrieve the stored data. The danger of theft
of the secure storage device is reduced as the thief may not be
able to access the stored data.
Referring to FIG. 1, a secure storage device 100 in accordance with
one embodiment of the present invention is shown. The secure
storage device 100 comprises a USB connector 110 coupled to a
secure storage device housing 150. A user can turn a user input
knob 140 to turn a radial dial input 130 to enter the user code
into the secure storage device 100. A code indicator 120 marks a
code character 170 to be entered into the secure storage device 100
as a part of the user code. An authorization indicator 160 indicates
when the user code has been accepted and access to the stored data
on the secure storage device 100 has been authorized.
In one example, a user carries stored data within the secure
storage device 100. Prior to plugging the secure storage device 100
into a digital device's USB port, the user enters the user code
into the secure storage device 100 by turning the user input knob
140 to turn the radial dial input 130 so that one or more code
characters 170 are lined up with the code indicator 120. After the
correct user code has been entered, the authorization indicator 160
can illuminate or otherwise indicate that access to the stored data
has been authorized. The user may then proceed to plug the secure
storage device 100 into the digital device to access the stored
data.
If the user fails to enter the correct user code but plugs the
secure storage device 100 into the digital device, the digital
device may fail to recognize the secure storage device 100, fail to
mount the digital media within the secure storage device 100, fail
to execute the device driver for the secure storage device 100,
and/or be unable to access the stored data.
In various embodiments, the user can turn the user input knob 140 to
align the code character 170 on the radial dial input 130 with the
code indicator 120 and then enter the code character 170 into the
secure storage device 100. In one example, the user
depresses the user input knob 140 to enter the code character 170
aligned with the code indicator 120. In another example, the user
depresses a button (not depicted) to enter the code character 170
into the user code. In some embodiments, there is a switch or
button that locks the secure storage device 100 to prevent the user
from inputting a user code or code character 170 unintentionally
(e.g., while the user is carrying the secure storage device 100 in
a pocket).
The USB connector 110 can be coupled to any USB port of the digital
device. Although a USB connector 110 is depicted in FIG. 1, the
secure storage device 100 is not limited to a USB type connector.
In some embodiments, the secure storage device 100 can be coupled
to the digital device through a firewire port, Ethernet connector,
serial port, parallel port, SCSI port, or ATA connector. Further,
the secure storage device 100 can operationally couple wirelessly
to the digital device over 802.11a/b/g/n standards, Bluetooth, or
wireless USB. It is apparent to those skilled in the art that the
secure storage device 100 can be operationally coupled to the
digital device in many ways.
In various embodiments, the secure storage device 100 can be
physically or wirelessly coupled to the digital device but the
connection is not operational until the user code is entered into
the secure storage device 100. In one example, the secure storage
device 100 comprises the USB connector 110 coupled to the digital
device. Until the user code is entered into the secure storage
device 100, the digital device may not recognize the secure storage
device 100, load the device driver for the secure storage device
100, or mount the media contained within the secure storage device
100.
The storage device housing 150 may contain any type of data storage
medium or storage system as well as a power source. The data
storage medium (not depicted) may comprise flash memory (e.g., NAND
flash or NOR flash memory), a hard drive, ram disk, or any other
kind of data storage. A storage system (further described in FIG.
6) can comprise the data storage medium. The power source (not
depicted) can be a rechargeable battery, a replaceable battery
(e.g., AA), or a capacitor. In some embodiments, the battery or
capacitor can be recharged by the digital device through the USB
connector 110 (or any connector that couples the secure storage
device 100 to the digital device).
Similarly, although the user code input is facilitated by the
radial dial input 130, the user input knob 140, and the code
indicator 120 in FIG. 1, it is apparent to those skilled in the art
that the user code can be input into the secure storage device 100
in many ways. In one example, the secure storage device 100
comprises a keypad with which the user can press keys to enter the
user code. In another example, the secure storage device 100
comprises a biometric sensor which can receive the voice,
fingerprint, or retina scan of the user as the user code.
The authorization indicator 160 displays an indicator when the user
code has been accepted and that access to the stored data is
authorized. The authorization indicator 160 can comprise a light
emitting diode (LED) that emits a light to indicate that the user
code has been accepted. In some embodiments, the authorization
indicator 160 can generate a light of a first color to indicate
user code acceptance (e.g., green) and a second color to indicate
that the user code has been rejected (e.g., red). The authorization
indicator 160 may comprise multiple LEDs to indicate user code
acceptance, rejection, or lockout of the secure storage device 100
(further discussed in FIG. 5). An authorization lockout may be
triggered if one or more incorrect user codes are received. An
authorization lockout locks the secure storage device 100 so that
the secure storage device 100 will refuse to accept any user codes
until reset. In other embodiments, a sound may be generated by the
secure storage device 100 to indicate that the user code has been
accepted or rejected.
FIG. 2 is a block diagram of a secure storage device 100, in
accordance with one embodiment of the present invention. The secure
storage device 100 comprises a device controller 200 coupled to the
keystore module 210. The keystore module 210 comprises an
authorization module 220 and a file system 230. The device
controller 200 is further coupled to an encryptor 250 which is
further coupled to database 260 and a user interface module
270.
The device controller 200 can comprise the device driver for the
secure storage device 100. The device controller 200 controls the
communication with the digital device (not depicted) as well as the
operations within the secure storage device 100. In some
embodiments, the device controller 200 can control a processor or
circuitry within the secure storage device 100.
In various embodiments, the device controller 200 receives an
identification query from a digital device requesting the type of
device of the secure storage device 100. If authorized, the device
controller 200 can respond by transmitting a signal to the digital
device identifying the secure storage device 100 and allowing any
digital media to be mounted within the operating system of the
digital device. If not authorized, the device controller 200 may
refuse to respond or reject the digital device's attempts to mount
the digital media.
In other embodiments, the device controller 200 receives the
identification query from the digital device and identifies the
secure storage device 100 as a compact disc (CD). The digital
device may then attempt to automatically run an authorization check
program from the device controller 200. This feature is similar to
automatically playing the first song on an audio CD upon loading of
the CD. The authorization check program can determine if access to
the stored data is authorized. If access to stored data is not
authorized, the authorization check program may terminate or the
transmission of data between the digital device and the secure
storage device 100 may terminate. Further, the device controller
200 may refuse to allow the digital device access to the database
260 and/or refuse to allow the digital media to be mounted.
The device controller 200 may also control the authorization
indicator 160 (FIG. 1) based on an authorization indicator signal
from the authorization module 220. In one example, if access to the
stored data is authorized, the device controller 200 may send a
signal to the authorization indicator 160 to illuminate an LED or
generate a sound to indicate that access to the stored data is
authorized. The device controller 200 can also generate a signal to
the authorization indicator 160 to illuminate an LED or generate a
sound to indicate that authorization is denied or that the secure
storage device 100 is locked.
The keystore module 210 authorizes access to the stored data within
the database 260. The keystore module 210 comprises the
authorization module 220 and optionally a file system 230. In some
embodiments, the keystore module 210 also comprises one or more
authentication passwords to authorize access to the stored data. In
other embodiments, the one or more authentication passwords are
within the file system 230. An authentication password is a
password, code, or key retained within the secure storage device 100
to authenticate the user code.
The authorization module 220 receives the user code or a security
code (discussed herein) and determines if the user is authorized to
access the stored data. In exemplary embodiments, the authorization
module 220 determines if the user is authorized to access the
stored data based on the user code (or the security code) and the
one or more authentication passwords. In one example, the
authorization module 220 decrypts an authentication password with the
user code (or the security code). If the decrypted authentication password
is correct, then the user may be authorized to access the stored
data. If the user is authorized to access the stored data, the
authorization module 220 may transmit an authorization signal to
the device controller 200 to authorize access. If the user is not
authorized, the authorization module 220 may refuse to respond to
subsequent attempts to access the data (e.g., locking the secured
storage device 100).
In some embodiments, the secure storage device 100 does not
comprise authentication passwords. As a result, the authorization
module 220 can base the authorization determination on the user
code. Those skilled in the art will appreciate that there are many
methods by which the authorization module 220 can determine
authorization to access the stored data based, at least in part, on
the user code or security code.
The file system 230 can maintain a list of one or more
authentication passwords and/or the file system of the database
260. In various embodiments, the file system 230 can associate each
authentication password with a different partition within the
digital media. As a result, separate user codes may access
different partitions within the digital media. In one example, a
first user code entered by a user may authorize access to a
partition with data used at the user's home. A second user code may
authorize access to a partition with business data. As a result, a
single secure storage device 100 may be shared with co-workers or
others which may be allowed to access some, but not all, of the
stored data retained within the secure storage device 100. In other
embodiments, the file system 230 can maintain a list of one or more
user codes associated with the different partitions within the
digital media.
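The keystore and authorization module described above (a user code checked against a stored authentication password, one password per partition, with the attempt lockout and reset key of FIG. 5 and claims 15 to 18) as an added software model written for this page; it is not code from the patent or from Imation. Everything below the patent's own terms is an assumption: PBKDF2-HMAC-SHA256 stretches the user code into a key, an HMAC verifier stands in for the "decrypted authentication password" comparison, the lockout threshold is five attempts, and the reset key is a byte string compared in constant time.

```python
import hashlib
import hmac
import secrets

# Added example (not from the patent): a model of the keystore module (210)
# and authorization module (220) of FIG. 2 with the lockout of FIG. 5.
# Assumptions, not taken from the patent: PBKDF2-HMAC-SHA256 derives a key
# from the user code; an HMAC "verifier" stands in for the decrypted
# authentication password; five failed attempts lock the device.

PBKDF2_ITERATIONS = 100_000  # assumption; tune to the device's microcontroller
MAX_ATTEMPTS = 5             # assumption; the patent says "predetermined number"


def derive_key(user_code: str, salt: bytes) -> bytes:
    """Stretch the user code (dial or keypad entry) into a 32-byte key."""
    return hashlib.pbkdf2_hmac("sha256", user_code.encode(), salt, PBKDF2_ITERATIONS)


class Keystore:
    """Holds, per partition, a salt and an authentication verifier.

    The verifier is HMAC(key, partition name).  A wrong user code yields a
    different key and therefore a mismatching verifier.  Only the verifier
    and the salt are stored; the user code and the key never are.
    """

    def __init__(self, reset_key: bytes):
        self._partitions = {}            # partition name -> (salt, verifier)
        self._reset_key = reset_key      # received on purchase (claim 18)
        self.failed_attempts = 0
        self.locked = False

    def enroll(self, user_code: str, partition: str) -> None:
        salt = secrets.token_bytes(16)
        key = derive_key(user_code, salt)
        verifier = hmac.new(key, partition.encode(), hashlib.sha256).digest()
        self._partitions[partition] = (salt, verifier)

    def authorize(self, user_code: str):
        """Return (partition, key) on success, or None.

        While locked, every user code is refused (claim 15), so guessing cannot
        continue; each failure counts toward the lockout threshold.
        """
        if self.locked:
            return None
        for partition, (salt, verifier) in self._partitions.items():
            key = derive_key(user_code, salt)
            candidate = hmac.new(key, partition.encode(), hashlib.sha256).digest()
            if hmac.compare_digest(candidate, verifier):
                self.failed_attempts = 0
                return partition, key
        self.failed_attempts += 1
        if self.failed_attempts >= MAX_ATTEMPTS:
            self.locked = True
        return None

    def reset(self, reset_key: bytes) -> bool:
        """Clear the lockout only if the presented reset key is authentic (claim 16)."""
        if not hmac.compare_digest(reset_key, self._reset_key):
            return False
        self.locked = False
        self.failed_attempts = 0
        return True


def demo() -> bool:
    """Walk through enrolment, per-partition unlock, lockout and reset."""
    reset_key = secrets.token_bytes(32)       # constructed for the example
    ks = Keystore(reset_key)
    ks.enroll("4-1-7-3", "home")              # one user code per partition
    ks.enroll("9-9-2-0", "business")
    assert ks.authorize("4-1-7-3")[0] == "home"
    assert ks.authorize("9-9-2-0")[0] == "business"
    for _ in range(MAX_ATTEMPTS):             # wrong guesses until lockout
        assert ks.authorize("0-0-0-0") is None
    assert ks.locked and ks.authorize("4-1-7-3") is None   # correct code refused
    assert not ks.reset(b"wrong reset key")
    assert ks.reset(reset_key) and ks.authorize("4-1-7-3")[0] == "home"
    return ks.locked


if __name__ == "__main__":
    print("locked after demo:", demo())
```

The key returned by `authorize` is what an encryptor would use for the partition's data; the host computer never takes part in this exchange, which is the point of offline entry. The attempt counter lives on the device, so copying the database elsewhere does not reset it, and while locked even the correct user code is refused until a valid reset key is presented.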
Further, in some embodiments, the file system 230 maintains the
scrambled database file system of the database 260. The database
file system is a map of the stored data retained within the
database 260. Without the database file system, the digital device
may not be able to identify stored data contained within the
database 260. By separating the database file system from the
database 260, a thief who removes the database 260 from the secure
storage device 100 may fail to steal the database file system.
Further, the database file system may be scrambled. The
authorization module 220 can unscramble the database file system
within the file system 230 or the database 260 when access to the
stored data is authorized.
The encryptor 250 functions to encrypt or decrypt security codes,
stored data within the database 260, or the file system 230. In
exemplary embodiments, the stored data within the database 260 is
encrypted. If access to stored data is authorized, the encryptor
250 encrypts data transmitted from the digital device prior to
storage within the database 260. Further, as stored data is
requested from the database 260, the encryptor 250 can decrypt the
stored data prior to transmission of the stored data to the digital
device. As a result, the stored data within the database 260 may
always be encrypted.
The encryptor 250 can also decrypt the security code using the user
code prior to authorization. When the security code is decrypted,
the security code may be sent to the authorization module 220 where
it may be compared to the one or more authentication passwords
within the keystore module 210. In some embodiments, the database
260 and the keystore module 210 are retained on separate chips
within the secure storage device 100.
The database 260 can comprise one or more databases or other data
structures of stored data. The database 260 may be contained within
a storage system. The storage system is further discussed in FIG.
6.
The user interface module 270 controls the user interface (e.g.,
the radial dial input 130 in FIG. 1) and receives the user code. In
exemplary embodiments, the user interface module 270 receives the
user code from the user. In some embodiments, the user interface
module 270 sends the user code to the encryptor 250 to decrypt the
user code. In other embodiments, the user interface module 270
sends the user code to the encryptor 250 to decrypt a security
code. The security code may be used to authorize access to the
stored data.
FIG. 3 is a flow chart for the entry of a user code to access
stored data, in accordance with one embodiment of the present
invention. The user interface module 270 (FIG. 2) receives the user
code from the user in step 300. The user code may comprise a series
of numbers, letters, symbols, or special characters. In other
embodiments, the user code comprises a retinal scan, voice
identifier, or fingerprint identifier.
In step 310, the authorization module 220 (FIG. 2) determines if
access to the stored data is authorized. In one example, the
authorization module 220 receives and compares the user code to the
one or more authentication passwords within the keystore module 210
(FIG. 2) or the file system 230 (FIG. 2). If the authorization
module 220 determines that access to the stored data is authorized,
then the authorization module 220 may generate a signal to the
device controller 200 (FIG. 2) to allow or provide access to the
stored data in step 320. Once access to the stored data is
authorized, a digital device (not depicted) may access the data
stored within the database 260 of the secure storage device
100.
FIG. 4 is another flow chart for the entry of a user code to access
stored data, in accordance with one embodiment of the present
invention. In step 400, the user interface module 270 (FIG. 2)
receives the user code from the user. In some embodiments, the user
interface module 270 sends the user code to the encryptor 250 (FIG.
2) to decrypt the security code with the user code. The security
code can then be transmitted to the authorization module 220 (FIG.
2) to determine if access to the stored data is authorized.
In step 410, the authorization module 220 determines if access to
stored data is authorized. In one example, the authorization module
220 receives and processes the security code. The authorization
module 220 can base the authorization determination, at least in
part, upon the security code. In other embodiments, the
authorization module 220 can base the authorization determination,
at least in part, upon the security code and an authentication
password. In an example, the authorization module 220 can retrieve
the authentication password from the keystore module 210 (FIG. 2),
the file system 230 (FIG. 2), or the database 260 (FIG. 2). In some
embodiments, the authentication password is stored with one or more
other authentication passwords. The authentication password may be
stored in a hash table and/or encrypted. If the authorization
module 220 determines that access to the stored data is authorized,
then the device controller 200 (FIG. 2) can send a signal to
illuminate the LED to indicate authorization in step 420. If access
to the stored data is not authorized, FIG. 4 ends. Lockout and
resetting the secure storage device 100 is further discussed in
FIG. 5.
In step 430, in response to authorization to access the stored
data, the encryptor 250 decrypts the encryption key. The encryption
key can be used to encrypt data received from the digital device
prior to storing within the database 260. Similarly, the encryption
key can be used to decrypt stored data received from the database
260 to send to the digital device. The process of
encryption/decryption can occur during saving and transmitting data
with no appreciable loss of speed. In some embodiments, an
encryption key and a separate decryption key are decrypted by the
encryptor 250.
Upon authorization, the device controller 200 can descramble the
database file system contained within the file system 230. As a
result, the data partition containing the database 260 may be
mounted once the secure storage device 100 is operationally coupled
to the digital device.
In exemplary embodiments, after authorization is indicated, the
secure storage device 100 (FIG. 2) can be operationally coupled
with a digital device. In one example, the user inputs the correct
user code and receives an indication that access to the stored data
is authorized. The user can then couple the secure storage device
100 to the digital device, which subsequently sends an
identification query to the secure storage device 100.
In step 440, optionally in response to an identification query from
the digital device, the device controller 200 sends a signal to the
digital device to identify the secure storage device 100 and mount
the data partition. In step 450, the device controller 200 receives
a request for stored data from the digital device. The requested
stored data is decrypted by the encryptor 250 with the proper
encryption key prior to sending the requested stored data to the
digital device in step 460.
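The key hierarchy behind FIGS. 2 and 4 (user code unlocks a security code, the security code is checked against the stored authentication password, and only then is the partition's encryption key released), written out as an added example. This is illustrative code, not the patent's or Imation's firmware. Assumptions: the short user code entered on the dial or keypad is stretched with PBKDF2 into a key-encryption key; that key unwraps a keystore blob holding the security code and a per-partition data-encryption key; the "authentication password" held in the keystore is the SHA-256 hash of the security code. The patent cites FIPS 197 (AES); to stay standard-library only, the wrap() helper here is an encrypt-then-MAC construction over an HMAC-SHA256 keystream, and a production device would use AES-GCM or RFC 3394 key wrap in its place. The example also generalizes to the multi-partition case described earlier: each partition is provisioned under its own user code, so the code a user enters determines which partition (if any) is released.

```python
"""Key hierarchy for the offline-code-entry flow (added illustration).

Not code from the patent or from Imation. Names such as derive_kek,
wrap/unwrap and SecureStorageDevice are this example's own. The
HMAC-SHA256 keystream stands in for AES purely to avoid third-party
dependencies.
"""
import hashlib
import hmac
import secrets

KDF_ITERATIONS = 100_000   # assumed work factor for the short user code
NONCE_LEN = 16
TAG_LEN = 32


def derive_kek(user_code: str, salt: bytes) -> bytes:
    """Stretch the user code into a 256-bit key-encryption key."""
    return hashlib.pbkdf2_hmac("sha256", user_code.encode("utf-8"), salt,
                               KDF_ITERATIONS, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; illustrative stand-in for an AES mode."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was altered."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class SecureStorageDevice:
    """Keystore (module 210) plus encrypted database (260), one entry per partition."""

    def __init__(self):
        self.partitions = {}   # name -> keystore entry and encrypted records

    def provision_partition(self, name: str, user_code: str) -> None:
        """Owner/manufacturer step: mint a security code and DEK, wrap both under the user code."""
        salt = secrets.token_bytes(16)
        security_code = secrets.token_bytes(32)
        dek = secrets.token_bytes(32)
        self.partitions[name] = {
            "salt": salt,
            "wrapped": wrap(derive_kek(user_code, salt), security_code + dek),
            # the stored "authentication password": a hash, never the code itself
            "auth_hash": hashlib.sha256(security_code).digest(),
            "records": [],   # database 260 only ever holds wrapped data
        }

    def authorize(self, user_code: str):
        """Steps 400-430: decrypt the security code with the user code, compare it
        to the stored authentication password, then release the DEK.
        Returns (partition name, DEK) or None. The same code is tried against
        every partition, so different codes open different partitions."""
        for name, entry in self.partitions.items():
            plaintext = unwrap(derive_kek(user_code, entry["salt"]), entry["wrapped"])
            if plaintext is None:
                continue   # wrong code for this partition: MAC check failed
            security_code, dek = plaintext[:32], plaintext[32:]
            if hmac.compare_digest(hashlib.sha256(security_code).digest(),
                                   entry["auth_hash"]):
                return name, dek
        return None

    def store(self, name: str, dek: bytes, data: bytes) -> int:
        """Write path: data is wrapped under the DEK before it touches the database."""
        records = self.partitions[name]["records"]
        records.append(wrap(dek, data))
        return len(records) - 1

    def read(self, name: str, dek: bytes, index: int):
        """Read path (steps 450/460): None when the DEK is not this partition's key."""
        return unwrap(dek, self.partitions[name]["records"][index])
```

Because unwrap() is authenticated, a wrong user code is rejected by the tag check before the authentication-password comparison ever runs; the explicit hash comparison is kept only to mirror step 410 of the patent. Note also that a holder of the home partition's key cannot read work-partition records even with raw access to the database chip, which is the property the separate-chip and scrambled-file-system embodiments are reaching for.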
In exemplary embodiments, the access to the stored data is
authorized only for a predetermined period of time before
re-authorization is required. In one example, access to the stored
data within the secure storage device 100 remains authorized for
two minutes unless the secure storage device 100 is operationally
coupled to a digital device during that time.
In other embodiments, re-authorization is required after a
predetermined period of inactivity. In one example, access to
stored data is authorized and the secure storage device 100 is
subsequently operationally coupled to a digital device via a USB
connector. If data is not stored on the secure storage device 100
or retrieved from the secure storage device 100 within 30 minutes,
then access to stored data may be denied until
re-authorization.
In some embodiments, re-authorization is required after the secure
storage device 100 is decoupled from the digital device or after
the user presses a switch or button to terminate the session. In
one example, the user unplugs the secure storage device 100 from a
USB port on the digital device which terminates the session and
access to the stored data requires re-authorization. It will be
apparent to those skilled in the art that there may be many ways to
terminate a session and require re-authorization.
In exemplary embodiments, the user can change or otherwise
customize the user code. In one example, the user code comprises
numbers, letters, symbols, or special characters. The user may
enter a customize code to change the user code. In an example, the
customize code can be sent from the manufacturer with the secure
storage device 100. In another example, the user downloads the
customize code from a website. The customize code may be unique to
each secure storage device. Further, the customize code may change
on every code change or after a predetermined time interval.
The user code can also comprise a fingerprint, voice identifier, or
retina scan. In various embodiments, the customize code can be
entered into the secure storage device 100 through buttons or
switches. The fingerprint, voice identifier, or retina scan can
then be entered. The entered fingerprint, voice identifier, or
retina scan can then be used as the user code.
FIG. 5 is a flow chart for locking and resetting the secure storage
device 100, in accordance with one embodiment of the present
invention. In step 500, the device controller 200 (FIG. 2) receives
the user code from the user to access the stored data within the
secured storage device 100 (FIG. 2).
In step 510, the authorization module 220 (FIG. 2) authenticates
the user code to determine if access to the stored data is
authorized. If access to the stored data is authorized, then the
device controller 200 provides an operationally coupled digital
device access to the stored data in step 520. If access to the
stored data is not authorized and the user code is incorrect, the
device controller 200 transmits a signal to illuminate an LED to
indicate denial of authorization in step 530. In one example,
the LED is red which indicates the denial of authorization. In
other embodiments, a sound is generated by the secure storage
device 100 or light and one or more sounds are generated by the
secure storage device 100 to indicate denial of authorization.
In step 540, the device controller 200 locks authorization to the
stored data. This "lock out" requires that the secure storage
device 100 be reset before access to the stored data is authorized.
In some embodiments, a predetermined number of attempts to
authorize access occur before the secure storage device 100 is
locked out. The device controller 200 can transmit a signal to the
authorization indicator 160 (FIG. 1) to indicate that the secure
storage device 100 is locked.
In exemplary embodiments, the user visits a product website,
identifies the secure storage device 100, and requests a reset key.
The reset key is a code that resets the secure storage device 100
so that the user can seek access to the stored data. In one
example, the user creates an account on a website and must answer
specific questions to authenticate the user's identity prior to
requesting the reset key. The reset key can change over an interval
of time, upon every use, or upon each request for the reset key. In
other embodiments, the user receives the reset key upon purchase of
the secure storage device 100.
In step 550, the device controller 200 receives the reset key from
the user. The reset key can be used to decrypt a reset code prior
to resetting the secure storage device 100. Further, the
authorization module 220 may determine that the reset key and/or
the reset code are authentic prior to resetting.
In step 560, the device controller 200 resets the secure storage
device 100. In some embodiments, the device controller 200
transmits a signal to the authorization indicator 160 to indicate
that the secure storage device 100 is no longer locked. In some
embodiments, the device controller 200 transmits an unlock signal
to the authorization module to unlock the secure storage device 100
so that the secure storage device 100 can again receive a user code
to access the stored data in step 500.
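The re-authorization rules given with FIG. 4 (a two-minute window before the device is coupled, thirty minutes of inactivity once coupled, and session termination on unplugging) and the lockout and reset sequence of FIG. 5 together define a small state machine. The following is an added example of that machine, not the patent's or Imation's firmware. Assumptions: three failed code entries lock the device (the text only says "a predetermined number"); the user code and the reset key are verified by comparing SHA-256 hashes against values fixed at provisioning (the patent instead lets the reset key decrypt a reset code, and the user code decrypt a security code); the clock is injected through a FakeClock so the timeouts can be exercised without waiting; the return values "green", "red" and "locked" stand for the feedback the LED or authorization indicator 160 would give.

```python
"""Session, lockout and reset state machine (added illustration).

Not code from the patent or from Imation. DeviceController, FakeClock,
the three-attempt limit and the hash-based reset key are this example's
own assumptions; the 2-minute and 30-minute windows are the values the
patent text gives as examples.
"""
import hashlib
import hmac

AUTH_WINDOW_S = 2 * 60        # authorized but not yet coupled to a digital device
INACTIVITY_S = 30 * 60        # coupled but no reads or writes
MAX_FAILED_ATTEMPTS = 3       # assumption: "a predetermined number of attempts"


def _h(value: str) -> bytes:
    return hashlib.sha256(value.encode("utf-8")).digest()


class FakeClock:
    """Monotonic seconds counter that a test can advance by hand."""

    def __init__(self):
        self.t = 0.0

    def now(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


class DeviceController:
    def __init__(self, user_code: str, reset_key: str, clock):
        # A real device would hold a wrapped key rather than a bare hash.
        self._user_code_hash = _h(user_code)
        self._reset_key_hash = _h(reset_key)
        self._clock = clock
        self.state = "idle"           # idle | authorized | locked
        self.failed_attempts = 0
        self.coupled = False
        self._authorized_at = None
        self._last_activity = None

    # FIG. 5, steps 500-540 -----------------------------------------------
    def enter_user_code(self, code: str) -> str:
        """Returns the indication the feedback system would show."""
        if self.state == "locked":
            return "locked"           # step 540: nothing is evaluated until reset
        now = self._clock.now()
        if hmac.compare_digest(_h(code), self._user_code_hash):
            self.failed_attempts = 0
            self.state = "authorized"
            self._authorized_at = self._last_activity = now
            return "green"            # step 420 / 520
        self.failed_attempts += 1     # step 530
        if self.failed_attempts >= MAX_FAILED_ATTEMPTS:
            self.state = "locked"     # step 540
            return "locked"
        return "red"

    # FIG. 5, steps 550-560 -----------------------------------------------
    def enter_reset_key(self, key: str) -> bool:
        if self.state != "locked":
            return False
        if not hmac.compare_digest(_h(key), self._reset_key_hash):
            return False
        self.state = "idle"           # step 560: ready for a user code again
        self.failed_attempts = 0
        return True

    # Re-authorization rules from the FIG. 4 discussion -------------------
    def _session_valid(self) -> bool:
        if self.state != "authorized":
            return False
        now = self._clock.now()
        if not self.coupled:
            expired = now - self._authorized_at > AUTH_WINDOW_S
        else:
            expired = now - self._last_activity > INACTIVITY_S
        if expired:
            self._end_session()
        return not expired

    def _end_session(self) -> None:
        self.state = "idle"
        self.coupled = False

    def couple(self) -> bool:
        """Plug into the digital device (step 440); mounts only inside the window."""
        if not self._session_valid():
            return False
        self.coupled = True
        self._last_activity = self._clock.now()
        return True

    def decouple(self) -> None:
        """Unplugging terminates the session; a new code entry is required."""
        self._end_session()

    def access(self) -> bool:
        """One read or write (steps 450/460); refreshes the inactivity timer."""
        if not (self.coupled and self._session_valid()):
            return False
        self._last_activity = self._clock.now()
        return True
```

The one design point worth noting is that a correct user code is ignored while the device is locked: the lockout is only lifted by the reset path, otherwise an attacker could simply keep guessing past the attempt limit.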
FIG. 6 is a block diagram of the secure storage device 100 in an
exemplary implementation of the invention. The secure storage
device 100 comprises a processor 600, an optional memory system
610, a storage system 620, a user interface 630, a communication
interface 640, feedback system 650, and a power system 660 which
are all coupled to a system bus 670. The processor 600 is
configured to execute executable instructions. In some embodiments,
the processor 600 comprises circuitry or any processor capable of
processing the executable instructions.
The memory 610 is any memory configured to store data. Some
examples of the memory 610 are storage devices, such as RAM or
ROM.
The storage system 620 is any storage configured to retrieve and
store data. Some examples of the storage 620 are flash drives, hard
drives, optical drives, and/or magnetic tape. The storage system
620 can comprise a database 260 (FIG. 2) or other data structure
configured to hold and organize data. In some embodiments, the
secure storage device 100 includes memory 610 in the form of RAM
and storage 620 in the form of flash memory.
The user interface 630 is any device that can receive a user code.
The user interface 630 can be, but is not limited to, a radial
dial, keypad, or biosensor.
The communication interface 640 can be coupled to any digital
device via the link 680. As discussed in FIG. 1, the communication
interface 640 may support communication over a USB connection, a
firewire connection, an Ethernet connection, a serial connection, a
parallel connection, or an ATA connection. The communication
interface 640 may also support wireless communication (e.g.,
802.11a/b/g/n or wireless USB). It will be apparent to those
skilled in the art that the communication interface 640 can support
many wired and wireless standards.
The feedback system 650 is any indicator that signals the user that
access to the stored data within the secure storage device 100 is
authorized. In some examples, the feedback system 650 can be an LED
light or sound. The feedback system 650 may also indicate that
access to the stored data is not authorized or that the secure
storage device 100 is locked.
The optional power system 660 is any system that can provide power
to the secure storage device. The power system 660 can supply power
to the secure storage device 100 to receive the user code and
authorize access to the stored data. In one example, the power
system 660 comprises a rechargeable battery, a replaceable battery,
or a capacitor. The batteries or capacitor may be recharged with a
power recharger or from power received from the digital device. In
some embodiments, the power system 660 is optional, and the user
code can be passively received. Once the secure storage device 100
is coupled to the digital device, power can be received from the
digital device and the authorization process completed.
In some embodiments, the power system 660 supplies power to the
processor 600 when the secure storage device 100 is not coupled to
a digital device. In one example, the power system 660 supplies
power to the processor 600 during the process of receiving the user
code and authorization. Once the secure storage device 100 is
coupled to the digital device, the digital device may supply power
to the secure storage device.
The above-described functions can be comprised of executable
instructions that are stored on storage media. The executable
instructions can be retrieved and executed by the processor 600.
Some examples of executable instructions are software, program
code, and firmware. Some examples of storage media are memory
devices, tape, disks, and integrated circuits. The executable
instructions are operational when executed by the processor to
direct the processor to operate in accord with the invention. Those
skilled in the art are familiar with executable instructions,
processor(s), and storage media.
* * * * *
References